<?php
/**
 * Model for the users and userpermissions.
 */
class UserModel
{
	/**
	 * Gets all users from the database and stores them in an array as User-objects.
	 * @return Array An array that contains User-objects.
	 */
	public function GetAllUsers()
	{
		require_once Settings::DBPath();
		$DB = new Database();
		
		if ( $DB->Connect() )
		{
			$users = array();
			
			$statement = $DB->Prepare( "SELECT UserID, Username, Password, Email FROM users" );
			$statement->execute();
			$statement->bind_result( $userId, $username, $password, $email );
	
			require_once 'User.php';
			while ( $statement->fetch() )
			{
				$users[] = new User( $userId, $username, $password, $email );
			}
	
			$statement->Close();
	
			return $users;
		}
	}
	
	/**
	* Deletes the user from the database.
	* @param int $userId Contains the UserID to delete.
	* @return Bool True/False if user was deleted from the database or not.
	*/
	public function DeleteUser( $userId )
	{
		require_once Settings::DBPath();
		$DB = new Database();
		
		if ( $DB->Connect() )
		{
			$statement = $DB->Prepare( "DELETE FROM users WHERE UserID=?" );
			$statement->bind_param( "i", $userId );
			$statement->execute();
			
			if ( $DB->CountAffectedRows() )
			{
				$statement->Close();
				return true;
			}
			$statement->Close();
			return false;
		}
	}
	
	/**
	* Gets the user from the database by the userId.
	* @param Int $userId The userID to use to get the user.
	* @return User A User-object.
	*/
	public function GetUserById( $userId )
	{
		require_once Settings::DBPath();
		$DB = new Database();
		
		if ( $DB->Connect() )
		{
			$statement = $DB->Prepare( "SELECT UserID, Username, Password, Email FROM users WHERE UserID=? " );
			$statement->bind_param( "i", $userId );
			$statement->execute();
			$statement->bind_result( $userId, $username, $password, $email );
			
			while ( $statement->fetch() )
			{
				$user = new User( $userId, $username, $password, $email );
			}
	
			$statement->Close();
	
			return $user;
		}
	}
	
	/**
	* Verifys the old password so the user can change to a new one.
	* @param Int $userId The UserID.
	* @param String $oldPassword The old password, SHA-1 encrypted.
	* @retrun Bool True/False if the password matches with the UserID.
	*/
	public function VerifyPassword( $userId, $oldPassword )
	{
		require_once Settings::DBPath();
		$DB = new Database();
		
		if ( $DB->Connect() )
		{
			$statement = $DB->Prepare( "SELECT Password FROM users WHERE UserID=?" );
			$statement->bind_param( "i", $userId );
			$statement->execute();
			$statement->bind_result( $currentPassword ) ;
			
			if ( $statement->fetch() )
			{
				// Check if the currentPassword matches the incoming one.
				if ( $currentPassword === $oldPassword )
				{
					$statement->Close();
					return true;
				}
				else
				{
					echo "Old password doesn't match!";
					$statement->Close();
					return false;
				}
			}
		}
		
	}
	
	/**
	* Saves the changes to the database.
	* @param Int $userId The UserID to save to in the database.
	* @param string $newPassword The new password (SHA1-encrypted below).
	* @param string $email The new e-mail adress.
	*/
	public function SaveChanges( $userID, $newPassword, $email )
	{
		require_once Settings::DBPath();
		$DB = new Database();
		
		if ( $DB->Connect() )
		{
			$statement = $DB->Prepare( "UPDATE users SET Password=?, Email=? WHERE UserID=?" );
			$statement->bind_param( "ssi", $newPassword, $email, $userID );
			$statement->execute();
			
			if ( $DB->CountAffectedRows() )
			{
				$statement->Close();
				return true;
			}
			else
			{
				echo $DB->GetErrors();
				$statement->Close();
				return false;
			}
		}
	}
}
